Most devs support GateKeeper, but some worry about the future of the platform.

GateKeeper can be used to block non-Mac-App-Store or unsigned apps, but it might also prevent developers from getting into programming on the Mac.

Remember the wails about Apple turning OS X into a "walled garden" when news of GateKeeper emerged? The tool, which allows OS X users to restrict where their apps come from, was announced in February 2012 and was included with Mountain Lion when it was released in July. The controversy hinged on Apple's attempt to guide users toward installing only those apps downloaded from the Mac App Store, or at least settling for a middle ground wherein users could also install apps "signed" by the developer—an action that still costs the developer $99 per year and pads Apple's bank account.

The goal was to increase security on the Mac—especially in light of the recent Flashback scare—but power users bristled. GateKeeper does allow Mac users to install apps from any source they'd like, but it's not as easy as it used to be. The OS throws up flags that warn users about unsigned applications, which can easily discourage people from trying new software.

On the developer side, however, there was a cautious optimism that GateKeeper could mean good things for Mac users. Before GateKeeper was released to the public, Ars interviewed a number of developers who told us they generally felt comfortable with the tiers of control, even if things weren't perfect. Some acknowledged that Apple was indeed stepping up its level of control over users' computers, however, and expressed concern that Apple could change its default settings at any time to limit software distribution even further.

So has the apocalypse come? Two months post-Mountain Lion, are developers suffering from GateKeeper's new restrictions? We reached out to a handful of Mac developers for their perspective, and to see how their work has been impacted by the change.

End-users are better off with GateKeeper

Every developer we spoke to said they believe end users are better off security-wise with GateKeeper. Whether it's because users need to be protected from themselves or they simply need an extra layer of security so they can sleep easier at night, there appears to be a tremendous level of confidence in the fact that users are safer now.

"I think GateKeeper is a huge boon to end-users—it’s effective against man-in-the-middle and masquerade attacks, and the latter is a very common vector for malware," Delicious Monster's Wil Shipley told Ars. "GateKeeper is a brilliant design because there’s a cost to develop each round of computer viruses/trojans/worms, and GateKeeper lowers the chances of any particular piece of malware being a hit. It changes the economics of malware in favor of Mac users."

Iconfactory's Craig Hockenberry agreed. "I definitely think that GateKeeper is helping end users. I know that whenever I click on a download link and see that the developer hasn't signed their app, I think twice about installing it," Hockenberry told Ars.

It also appears GateKeeper hasn't caused huge problems for developers who actively market and sell their apps. "From a development point-of-view, it's been a simple change with a lot of benefit. I hear a lot of my fellow developers saying the same thing," Hockenberry said.

"It's simple to implement, has low impact on developers and users, and feels like a good way for Apple to block truly malicious applications. We're totally on board," Panic's Cabel Sasser added.

Shipley explained why developers seem to benefit from Apple's implementation of GateKeeper: because it lets customers know that if they trust the company's name, they can trust the company's software, too.

"Without GateKeeper, a customer could download a copy of Delicious Library from some third-party download site which had maliciously inserted some malware into it. We couldn’t prevent this, and the user couldn’t detect it. Now the user will be informed the software wasn’t blessed by us, so they can discard it safely before it ever launches," Shipley said. "That kind of user confidence is what made the iPhone App Store such a success. Many falsely attribute the safety of the App Store to sandboxing, but in fact it’s due to the iPhone’s implicit version of GateKeeper (e.g., every app that runs on the iPhone has to have been signed by Apple)."

It's worth remembering that there are ways to install non-Mac-App-Store, unsigned apps on your Mac under Mountain Lion—you just have to turn off or work around GateKeeper. This can be done by going to your Settings and into the Security & Privacy control panel, or by right-clicking to force open an unsigned app. This, developer Colin Barrett argues, is easy enough for most users.

"I have not personally heard of people, users or otherwise, having much trouble thanks to Gatekeeper itself. Some folks have had problems with it that were easily solved once they learned about the handy right-click Open 'work-around' Apple included (which is one of my favorite pieces of security UX in recent memory)," Barrett told Ars. "Also, a lot of people have discovered said workaround through the excellent confirmation box Apple includes when you try to turn off Gatekeeper entirely."

Jamie Phelps, a "code wrangler" from AgileBits, echoed this sentiment. "I think Gatekeeper is helping the vast majority of end users. I have Gatekeeper enabled on my Mac. Whenever I download an application and double-click, the 'unidentified developer' pop-up gives me pause," Phelps told Ars. "As a nerd, I know I can bypass this, but at a very minimum it makes me take a beat and think about what I'm doing."

But Sasser warned against turning off GateKeeper due to overconfidence—he's concerned that too many will disable GateKeeper's protections altogether, which might only help to spread malicious software in the future. "Users will all-too-readily set their default to 'Anywhere,' rendering the whole feature useless. I hope that people will think twice before changing this setting," he cautioned.

Challenges faced by smaller developers

Although many developers are happy with GateKeeper, not everyone sees such a rosy future for Mac software. In particular, hobbyist programmers and open source developers—generally, the ones not trying to make money out of the gate—are those whose work is suffering the most from GateKeeper's restrictions. And although they might be OK with that on a personal level, they're not always OK with it when it comes to where the platform is going.

Wesley Reynolds has given up development of his popular Dropbox Droplet widget, thanks in part to Mountain Lion and GateKeeper. His widget stopped working when Mountain Lion was released, and he's unable to figure out how to make it work again without shelling out $99 for a Mac developer account—even though he doesn't make any money from the widget. When I asked him his take on how things have changed, he explained that while he admires what Apple is trying to accomplish, he doesn't like the way the ecosystem hurts smaller developers.

"I could pay my $99 to find out how to fix this problem and sign my app, but I did this as a bit of a hobby to learn how dashboard widgets work, and the $99 was too big a pill to swallow," Reynolds said.

"I think Gatekeeper is pretty much killing the hobbyist coder on Mac. No longer will you be able to grab the tools for free that you need to code a program and then share it with whoever may be interested in it," Reynolds continued. "It was exciting for me to have created a handy little widget as an experiment to learn about Dashboard Widgets, and then, just because it's done, throw it up on the Web and have many thousands of people download it and use it. Now, a hobbyist coder can still download the tools for free, and learn to code and make a neat app that will run on their computer, no problem, but they can't give it to anyone over an Internet connection without Gatekeeper kicking in."

Reynolds acknowledged that there are some end user benefits to this restriction—namely that some hobbyist applications are "half-baked," low-quality, and have the potential to be dangerous. His own widget uses behind-the-scene Terminal commands in order to function, and he pointed out that he could have easily programmed the widget to delete things it shouldn't.

But if not for hobbyist programmers, would OS X be where it is today as a platform? Longtime Mac users no doubt remember the struggle to find useful software for anything, and the robust developer ecosystem we have today might not even exist if not for individuals taking an interest in coding for the Mac in their free time. Many have since turned their hobbies into full-fledged software houses, but there are others still tinkering around to see if they want to hop on board.

"Open source apps are legitimately hurt the worst, I think. Low-budget, but super-useful apps," Reynolds said. "My mom will have a hard time running an old or potentially dangerous app. Now, she'll also have a hard time running an old and harmless app she used to love. But at least it's safety in the better direction."

Where is Apple going from here?

When we first interviewed developers, some indicated a certain level of unease with where the Mac platform might be going. Rogue Amoeba's Paul Kafasis pointed out at the time that Apple already has more control with GateKeeper than it did previously—even with the middle-ground option. Stand Alone's Ben Gottlieb said he actually fears the day Apple tries to change the default to "only allow App Store apps."

Reynolds, unsurprisingly, took a similar stance when I asked him what he thought. "I think the Mac will be further locked down, requiring sandboxing for non-App Store apps perhaps?" Reynolds said. "I can see a world where you are unable to download an app to your Mac from the Internet without going through the manicured App Store, but that's a huge burden and liability to Apple if they claim 100% ownership over taste and over what is a 'good' app, and something awful goes wrong. The hobbyist coder will really be dead and buried at that point."

But the other developers I spoke to seemed to have a more positive take on the direction of third-party software on OS X.

"I really think Apple is in the business of creating the best experience possible for their users. I don't think that means Mac App Store apps only, because I don't think anyone at Apple would argue that the loss of apps like SuperDuper!, TextExpander, or Hazel would be best for the users' experience," Phelps told Ars.

"It's always hard to predict Apple's plans for the future, but if the past few years is any guide, I'd look for the Mac to get even more secure," Hockenberry added. "The trick, of course, is to do that while providing developers with the flexibility to create the applications that their customers want to purchase."

Two months is obviously not enough time to conclude anything -- Apple won't change the policy again until the next major release, so this whole article is based on the faulty premise that if there were an 'apocalypse' (not my word), it would obviously happen suddenly shortly after the release of the last major push forward in user control, and that premise defies common sense.

Also, I am curious, if Apple should at some time in the future remove the 'Anywhere' option, will Ars Technica admit they were wrong in this article, or will they just move the goalposts and defend the new position?

Finally, even if Apple never removes the 'Anywhere' option, it is well within their power to make it extremely undesirable to release outside the App Store, by restricting the use of modern APIs to Mac App Store apps only, a process that has already begun since there are several APIs already that are available only if you release through the App Store.

The dangers involved in this course of action from Apple are far more subtle and complex than this rather simplistic article pretends, and in fact it is quite disappointing to read such shallow material on Ars Technica.

I think it's a great idea. I'm a developer but I leave it on the middle setting so I can override it whenever I want. But security is best when there are layers and this adds another layer of security with a miniscule amount of user interaction.

And the people who are most likely to need to override the Gatekeeper settings are the same people who will generally know what they're doing.

My father, on the other hand, bought his first computer 2 years ago and used only Windows at work had no problem switching to the Mac after a half intro where I showed him where everything is, and it's worked great with him having almost no issues at all. Having GateKeeper is great for him because he only uses a small number of applications, and they are all well known ones who have enabled GateKeeper.

I don't actually know anyone that has disabled it. Why would you? What is the benefit or the point of disabling it completely when it's trivial to right-click-open the occasional non-signed app/installer package.

The main problem with GateKeeper is that it's too weak. AFAIK it's just an extension of the old Quarantine system, which means it's pretty much opt-in anyway. Anything that transfers something onto your computer via an application that doesn't set the quarantine bit isn't even touched. It's not a run-time check so it leaves a lot of holes. A secondary problem would be that ideally other certificate masters could be trusted. The idea though of by default requiring signed software is a great one and it's not inherently burdensome.

As far as the future:

Quote:

Reynolds, unsurprisingly, took a similar stance when I asked him what he thought. "I think the Mac will be further locked down, requiring sandboxing for non-App Store apps perhaps?"

lol! Without hardware lock down that is effectively impossible. Apple would have to launch a completely new locked down platform to manage that. It'd break everything legacy. The entire existing installed Mac base would get obsoleted. Etc etc.

With iOS they had a brand new platform to start from scratch with and the ability to do entirely custom hardware. I don't think that will ever be the Mac though. Now it's not impossible that Apple could abandon the Mac entirely someday, but as long as they have the Mac platform I don't think any such requirements are even possible for Apple to attempt let alone worth it. Maybe it's just the article's interview but Reynolds seems a bit weird here. There is zero need to spend anything to develop any stand alone application or system modification on OS X. Did he mean that he wanted access to some dev videos or something?

Finally, even if Apple never removes the 'Anywhere' option, it is well within their power to make it extremely undesirable to release outside the App Store, by restricting the use of modern APIs to Mac App Store apps only, a process that has already begun since there are several APIs already that are available only if you release through the App Store.

No, that's not well within their power. In fact it's not possible at all, short of total platform lockdown. What Apple has restricted is use of Apple online services, like iCloud. Obviously for that Apple is in control of the service and can decide who is authorized to use it or not. But for purely client side applications they can't stop someone from using anything on the machine anymore then they can stop people from using entirely private APIs, which has been widespread since the beginning of the platform. I'm not sure you quite understand what an API is.

Two months is obviously not enough time to conclude anything -- Apple won't change the policy again until the next major release, so this whole article is based on the faulty premise that if there were an 'apocalypse' (not my word), it would obviously happen suddenly shortly after the release of the last major push forward in user control, and that premise defies common sense.

Also, I am curious, if Apple should at some time in the future remove the 'Anywhere' option, will Ars Technica admit they were wrong in this article, or will they just move the goalposts and defend the new position?

Finally, even if Apple never removes the 'Anywhere' option, it is well within their power to make it extremely undesirable to release outside the App Store, by restricting the use of modern APIs to Mac App Store apps only, a process that has already begun since there are several APIs already that are available only if you release through the App Store.

The dangers involved in this course of action from Apple are far more subtle and complex than this rather simplistic article pretends, and in fact it is quite disappointing to read such shallow material on Ars Technica.

Not only could all this happen, but Windows could get locked down and we could only ever make apps using javascript and HTML, and only publish them through the Windows App Store, and we would all think it's great because of the thought control radio waves from our wifi that we are made susceptible to by the fluoride in the water!

Seriously, I use Macs and they are definitely my preferred platform. But I am absolutely sure that Apple will never the things you are saying because I would drop them immediately - and, I am quite sure, so would many many others.

I don't see how open source apps are hurt. I downloaded the TextMate 2 source, compiled, and it opens just fine without changing the default Security & Privacy setting.

Gate Keeper would not impact anything you compile locally. Gate Keeper will only have anything to say for programs that were downloaded from the internet and have the appropriate bit set saying such (the program that did the downloading would have to set the bit). An app you get via a USB flash drive, CD ROM, compiled on your machine, or already had opened once before you upgraded to Mountain Lion won't be impacted at all.

Hell, if the app is compressed in some sort of archive you downloaded from the internet, and the program you use to decompress the archive doesn't set the bit saying it was downloaded from the Internet, then Gate Keeper won't say a thing (the integrated ones in OS X should set the bit, likely along with most of the prominent third party ones). In its current incarnation, Gate Keeper is very permissive, although it probably does a good job sabotaging drive-by downloads of malware that depend on the user sometime later opening it up (we'll see if that pans out in practice).

I'd bet quite strongly that the first poster disabled Gate Keeper immediately, before he'd even tried to download anything from the Internet (assuming he's even touched Mountain Lion...).

Open source apps are legitimately hurt the worst, I think. Low-budget, but super-useful apps

No they're not. The "low budget but super-useful" open source app I'm involved in has a paypal donation button near the download link, which brings in orders of magnitude more money than the cost of an annual developer account.

And if your app is niche enough you can't get that much money... it's not much of a stretch to ask your users to right-click open instead of double click.

I agree with the other developers quoted in the article. This is a huge benefit to users, it adds appreciable security now and lays a foundation for seriously good security in future.

The $99/year fee for developers is insignificant when compared with the thousands of dollars we are already spending on hardware and software, and the small inconveniences of having to make sure our app is properly signed is insignificant compared with the work involved in creating good software.

Anything the development community can do to increase user's safety will benefit not only the users, but in the long run also benefits developers. Customers are more willing to spend money on software if their tech savvy brother in-law doesn't constantly remind them not to download software off the internet.

… I don't think that means Mac App Store apps only, because I don't think anyone at Apple would argue that the loss of apps like SuperDuper!, TextExpander, or Hazel would be best for the users' experience …

well apple has shown many times that sometimes such small sacrifices have to be made.

but if apple really we're to enforce the app store then a LOT of other apps would have people cry out:* creative suite, microsoft office, parallels, skype, chrome, openoffice, firefox, vlc, blender, ...* all the oss software universities require their students to use. like latex, ...* not to mention all the developer tools like python3, eclipse, ...

at the very least apple would have to allow GPL apps in the app store, give away developer accounts/app store keys dozens of oss projects, allow java apps and apps with root level access. not to mention coaxing adobe, microsoft & all the targeted $>10k business app makers to distribute their software in the app store...

so no, there is NO way in hell, apple will be able to lock down OSX the way iOS is without unprecedented backlash. some even from its most loyal users. heck it would certainly lock itself out of the education (students & universities alike) & business markets.

I dislike Apple in many ways, call me an Apple Hater if you like. I can understand the doubts about further locking down software installation as a default setting to get an easy xx% by pushing devs to use the appstore.

But GateKeeper seems like a step in a good direction for the typical user. And the typical user is the kind the mass is made of (funding your business) and who needs to be made aware whether software is signed or not because he would never bother to check actively. If I think about the non technical users and the viruses, worms and spyware they had, something like Gatekeeper could have prevented a good part of their problems. Even if it just checks for the quarantine bit.

The whole thing might be bad for hobby developers and OSS, but as a business decision it totally seems a good move to me. And that's especially because you can disable it entirely or on a by case basis rather easily if you know better.

You just have to bypass a perfectly legitimate security warning when you download a binary from an unofficial fork of the project, and the group distributing official binaries has to spend $99 per year on a certificate they can use to sign their binaries.

Two months is obviously not enough time to conclude anything -- Apple won't change the policy again until the next major release, so this whole article is based on the faulty premise that if there were an 'apocalypse' (not my word), it would obviously happen suddenly shortly after the release of the last major push forward in user control, and that premise defies common sense.

Also, I am curious, if Apple should at some time in the future remove the 'Anywhere' option, will Ars Technica admit they were wrong in this article, or will they just move the goalposts and defend the new position?

Finally, even if Apple never removes the 'Anywhere' option, it is well within their power to make it extremely undesirable to release outside the App Store, by restricting the use of modern APIs to Mac App Store apps only, a process that has already begun since there are several APIs already that are available only if you release through the App Store.

The dangers involved in this course of action from Apple are far more subtle and complex than this rather simplistic article pretends, and in fact it is quite disappointing to read such shallow material on Ars Technica.

Not only could all this happen, but Windows could get locked down and we could only ever make apps using javascript and HTML, and only publish them through the Windows App Store, and we would all think it's great because of the thought control radio waves from our wifi that we are made susceptible to by the fluoride in the water!

Seriously, I use Macs and they are definitely my preferred platform. But I am absolutely sure that Apple will never the things you are saying because I would drop them immediately - and, I am quite sure, so would many many others.

Windows is already half locked down; Metro apps will be only publishable via the Windows App Store. Talk about restricted APIs! And you may leave the platform, but the majority of developers won't and you damn well know it, and so does Apple. But by all means, keep sleeping.

Finally, even if Apple never removes the 'Anywhere' option, it is well within their power to make it extremely undesirable to release outside the App Store, by restricting the use of modern APIs to Mac App Store apps only, a process that has already begun since there are several APIs already that are available only if you release through the App Store.

No, that's not well within their power. In fact it's not possible at all, short of total platform lockdown. What Apple has restricted is use of Apple online services, like iCloud. Obviously for that Apple is in control of the service and can decide who is authorized to use it or not. But for purely client side applications they can't stop someone from using anything on the machine anymore then they can stop people from using entirely private APIs, which has been widespread since the beginning of the platform. I'm not sure you quite understand what an API is.

So using private APIs... how did that work out then, for all the developers that did that against Apple's recommendations? Every program that did that broke with every new operating system release. If you don't think Apple can force this issue, you've obviously never been a jailbreaker. Even if they can't prevent you from doing something, they have plenty of leverage to make it extremely annoying. I'm not sure you quite understand what an operating system is -- Apple has root.

I don't get the argument that this hurts hobby developers. The iOS App Store is a significantly stronger version of the same, and yet isn't one of the common complaints of the App Store that it has too many hobbyists trying to ship software on it?

It's still up to the downloader to put that quarantine bit. I don't see why it is hard to let the downloader (especially things like curl or wget) to stop setting that bit when downloading an application from a well-known repository. In fact, what we need is just an Apple-approved App Store-like trusted repository of open source software, and I would say MacPorts current fits that description pretty well. Apple once had plans to include MacPorts in default system installations, and I sometimes dream of that happening.

Regardless of whether or not it "pads Apple's pockets," a developer who isn't willing to spend a C-note on their software is definitely a developer I want to avoid!

Missing that some of these developers are doing it as a hobby and make N O money off their applications.

Apple should really have an option where, for free software, people can get a way to sign their apps WITHOUT shelling out money while people who are selling apps for profit still have to pay the 99 dollars.

I've left it enabled to the default (allow MAS and dev signed apps) on all my Macs - and I'm a Mac developer.

Also, I'm not sure I see the harm for open-source. The GateKeeper restriction is on downloaded binaries, not source code, nor binaries that you build locally. Take MacPorts stuff for example: since the port install process downloads the source and builds the binary on your machine, GateKeeper never comes into play.

Apple has already demonstrated that it isn't interested in me. I'm unwilling to register to do what shouldn't require registration and unwilling to pay $100 a year to produce open source freeware that brings me no $ in return and fuels Apple's unethical lawsuits. Furthermore, my apps wouldn't even be allowed in the app store because they're written in Java (among other things). So I have to live with writing what's effectively scareware. I've been a Mac user for over 20 years and I will be until my computer dies (which, despite being 8-core and quite fast, can't run the latest OS - thanks).

Also, I'm not sure I see the harm for open-source. The GateKeeper restriction is on downloaded binaries, not source code, nor binaries that you build locally. Take MacPorts stuff for example: since the port install process downloads the source and builds the binary on your machine, GateKeeper never comes into play.

How should a developer conveniently offer GPLed apps to novice users without paying for a license?

If you use a package manager GK has nothing to do with you either. If you're just downloading something random off a website with Safari then yeah, it'll ask (once) unless turned off entirely or unless scripted. That's what it's for. Still seems kind of minor though.

Laroquod wrote:

So using private APIs... how did that work out then, for all the developers that did that against Apple's recommendations?

Worked out fine. That was the only way to do lots of stuff (like having an icon in the menu bar).

Quote:

Every program that did that broke with every new operating system release.

Hah. That happens anyway. Major update (or for that matter minor updates) sometimes break stuff, BFD, if it's active software it'll get updated and if not then it's toast and a person can either find alternatives or not update the OS. So no, nothing Apple can do, in fact it's even more so with one of your imaginary pure client-side "modern" (and public) APIs. If they change those every single MAS app using it would break too, obviously. That's all the designation of "public" vs "private" is. It's all software, it's the same thing.

Quote:

If you don't think Apple can force this issue, you've obviously never been a jailbreaker.

I am a jailbreaker thank you, and I specifically mentioned, multiple times, the difference between locked down hardware with no legacy vs an open platform with decades of legacy. Try reading next time?

Quote:

I'm not sure you quite understand what an operating system is -- Apple has root.

If you have a citation showing Apple has root feel free to provide, otherwise you just made yourself look even more foolish then earlier. The entire core of OS X is open source (I've had to make up a custom kernel myself, albeit that hasn't been necessary for a long time). The entire hardware side is standard x86. Far from locking down OS X, Apple has never even bothered to expend more then the barest cursory effort in even making a Mac required.

Windows is already half locked down; Metro apps will be only publishable via the Windows App Store. Talk about restricted APIs! And you may leave the platform, but the majority of developers won't and you damn well know it, and so does Apple. But by all means, keep sleeping.

You're right! Everyone get your pitchforks! Put on your tinfoil hats! They're out to get us! All of them! All the time!

Here's the secret weapon though: If they make something you don't like it, don't buy it.

You can get angry and act like a child having a tantrum all you want, but it makes you look silly and does nothing to prove me wrong. Developers will follow the money, simple as that. And while there may grow a market for a more locked down computing appliance (e.g. car nav, tvs, media centers, toasters, whatever) there will always be people that want a general purpose computer they can work with.

Also, I'm not sure I see the harm for open-source. The GateKeeper restriction is on downloaded binaries, not source code, nor binaries that you build locally. Take MacPorts stuff for example: since the port install process downloads the source and builds the binary on your machine, GateKeeper never comes into play.

How should a developer conveniently offer GPLed apps to novice users without paying for a license?

How "novice" are you talking about here? Unable to handle "Control-click, Open" even with a little picture guide?

The problem with all these schemes is that they don't actually stop you being malicious, they just force you to pay to be malicious and relying on the economics pushing out malicious people -- it's the same with commercial (as opposed to self-signed) SSL certificates.

It's an example of a strategy that seems to make it harder for some people to be bad by making the world a little bit worse for everyone to and I think that's a bit of a shame to see. It's like pat down searches on planes.

Regardless of whether or not it "pads Apple's pockets," a developer who isn't willing to spend a C-note on their software is definitely a developer I want to avoid!

Missing that some of these developers are doing it as a hobby and make N O money off their applications.

They don't make any money, but they do have very high expenses already, and they're not forced to add this to their list of expenses. You only have to pay to remove the security warning message. Similar to SSL, if you want a secure connection with browsers navigating your website, it is free. But there will be an intrusive "untrusted certificate" alert message unless you spend money every couple of years on a third party signing authority.

Apple's developer program is around the same price as a typical SSL certificate, and it serves exactly the same purpose. The only difference is it's on by default, in my opinion SSL should also be on by default, and OS X doesn't accept apps signed by a long list of certificate authorities — there is only one certificate authority (apple). Once again, rouge or hacked SSL certificate authorities are a big problem and malicious organisations are able to get their web traffic signed if they want to. Apple made the right choice by only having one certificate authority for gatekeeper.

Abresh wrote:

Apple should really have an option where, for free software, people can get a way to sign their apps WITHOUT shelling out money while people who are selling apps for profit still have to pay the 99 dollars.

The point is to stop malware. Malware is always a free download. If anything, Gatekeeper should allow paid software to run without paying for a certificate, and only require free software to pay $99/year.

At least with paid software you can track the credit card transaction and drag the sons of bitches through a class action lawsuit if they install malware on your Mac. The problem is free downloads where you have no way of contacting the guy who distributed the app.

So using private APIs... how did that work out then, for all the developers that did that against Apple's recommendations?

Worked out fine. That was the only way to do lots of stuff (like having an icon in the menu bar).

Quote:

Every program that did that broke with every new operating system release.

Hah. That happens anyway.

Wow. Way to completely discredit yourself in three words. You clearly haven't a clue what you're talking about. Private API calls breaking was once considered the universal scourge of the Mac platform, and people blamed the developers -- not Apple.

xoa wrote:

Quote:

I'm not sure you quite understand what an operating system is -- Apple has root.

If you have a citation showing Apple has root feel free to provide, otherwise you just made yourself look even more foolish then earlier.

AHAHAHAHAA they wrote the freakin' code! Are you seriously suggesting that you can secure your Mac against the developer who wrote the frickin--- you know what? Forget it. Conversing with a pretender is a waste of my time. You know nothing. Goodbye.

Here's the secret weapon though: If they make something you don't like it, don't buy it.

Way ahead of you pal. Fortunately this being a free enough universe, I also get to make my views known publically.

smokedart wrote:

You can get angry and act like a child having a tantrum all you want, but it makes you look silly and does nothing to prove me wrong. Developers will follow the money, simple as that. And while there may grow a market for a more locked down computing appliance (e.g. car nav, tvs, media centers, toasters, whatever) there will always be people that want a general purpose computer they can work with.

And they will all switch to Linux. Isn't that exactly what you just recommended they do? "Don't buy it?" And quit with the whole childish/tantrum thing. If anything is childish here, it is refusing to listen to opposing viewpoints without characterising them as 'tantrums'.

Also, for anyone interested in just playing around with it, the spctl command can be used for testing, whitelisting (identical to the GUI), removing whitelist exceptions etc. Apple has it all reasonably well documented in the Mac Dev Library. If you just want an automatic way to purely change quarantine status, use xattr to add or remove com.apple.quarantine.

I don't get the argument that this hurts hobby developers. The iOS App Store is a significantly stronger version of the same, and yet isn't one of the common complaints of the App Store that it has too many hobbyists trying to ship software on it?

It's the level of hobbyist below the sells-their-finished-software-on-the-App-Store tier. For example, it's the people just starting out and discovering that they have to pay money to have a program that doesn't say "This might be a virus" when your friends/family open it. The $99/year fee might put that type of hobbyist off. If you think you're going to the App Store to make your fortune it's a no brainer, of course.

Mac used to be really welcoming for beginner programmers because you had a copy of Xcode (not brain dead easy for new users but an excellent IDE) bundled with every computer sold. There's a lot of stories of people who had a problem, found Xcode on their install CDs and ended up writing a commercial program that went on to do really well.

The problem with all these schemes is that they don't actually stop you being malicious, they just force you to pay to be malicious and relying on the economics pushing out malicious people -- it's the same with commercial (as opposed to self-signed) SSL certificates.

It's an example of a strategy that seems to make it harder for some people to be bad by making the world a little bit worse for everyone to and I think that's a bit of a shame to see. It's like pat down searches on planes.

That's not true.

As soon as you pay $99 per year to Apple, they are able to report your contact details to the FBI (or at least they can hand the FBI your bank account details). Unless a criminal really knows what they are doing, they are not going to distribute signed malware without getting caught, and potentially serving a few years in jail.

Also, Apple is able to revoke these certificates at any time. Once a certificate is revoked (I have tested it, developers are also able to revoke their own certificate), it will not be long before every single device in the world will refuse to execute any binary code that is signed by the certificate.

If a malware author signs their code, it will probably be shut down long before it infects enough macs to be newsworthy, and the FBI (and other law enforcement around the world) will have a very good lead to begin trying to track down and prosecute the people involved.

The problem with all these schemes is that they don't actually stop you being malicious, they just force you to pay to be malicious and relying on the economics pushing out malicious people -- it's the same with commercial (as opposed to self-signed) SSL certificates.

It's an example of a strategy that seems to make it harder for some people to be bad by making the world a little bit worse for everyone to and I think that's a bit of a shame to see. It's like pat down searches on planes.

That's not true.

As soon as you pay $99 per year to Apple, they are able to report your contact details to the FBI (or at least they can hand the FBI your bank account details). Unless a criminal really knows what they are doing, they are not going to distribute signed malware without getting caught, and potentially serving a few years in jail.

Also, Apple is able to revoke these certificates at any time. Once a certificate is revoked (I have tested it, developers are also able to revoke their own certificate), it will not be long before every single device in the world will refuse to execute any binary code that is signed by the certificate.

If a malware author signs their code, it will probably be shut down long before it infects enough macs to be newsworthy, and the FBI (and other law enforcement around the world) will have a very good lead to begin trying to track down and prosecute the people involved.

We actually don't disagree. You've just gone into detail about what pushes out the malicious people. My point was less what the FBI can do once you've been malicious and more that it affects everyone regardless of whether you're going to be malicious.

Wow. Way to completely discredit yourself in three words. You clearly haven't a clue what you're talking about. Private APIs breaking was once considered the universal scourge of the Mac platform, and people blamed the developers -- not Apple.

Who are "people" here? You're just tossing out an unqualified straw man there. And for that matter what has changed? When major new updates happen fairly often at least some software, or certain features of some software, no longer works. And when that happens a certain percentage of users may blame the developers. At the same time though plenty of users are now cognizant that Apple changes stuff and sometimes old things break. That's why sites like RoaringApps were established, to help users make an informed decision before pulling the trigger.

Come now, these are hardly radical, new issues. There's a reason businesses and professionals in general are typically very conservative about upgrades and have been practically always. These are big systems, and even with the best will in the world there are always edge cases.

Quote:

Are you seriously suggesting that you can secure your Mac against the developer who wrote the frickin--- you know what? Forget it. Conversing with a pretender is a waste of my time. You know nothing. Goodbye.

A grown up and mature way to support your argument that Apple will somehow magically restrict non-network-service APIs to MAS applications without completely hardware lockdown. I am most impressed by your erudition and eloquence sir. Consider me another of the no doubt many Internet denizens who you have vanquished!

Mac used to be really welcoming for beginner programmers because you had a copy of Xcode (not brain dead easy for new users but an excellent IDE) bundled with every computer sold. There's a lot of stories of people who had a problem, found Xcode on their install CDs and ended up writing a commercial program that went on to do really well.

Perhaps you should try clicking on the "App Store" icon, and then navigate to the "Developer Tools" category. There you will find Xcode along with a whole bunch of other really awesome free tools perfect for the hobbyist programmer.

Sure, it's not on the installation DVD anymore, but it is still available for free via a single click. Not to mention the on one that ships with your mac is almost immediately an old/out of date version, so I never got to use it when I was a teenager. I always had to pay something like $30 for Apple to snail-mail an installation disk to me (my internet connection was not fast enough to download it from the FTP server).